<?php
	@session_start();
	require_once 'shared-functions.php';
	require_once 'session.php';
	require_once 'masterpage.php';

	if(!IsValidSession()) {
		header('Location: login.php?page=add-assignments');
		exit();
	} else {
		RefreshSession();
	}
	
	$user = GetCurrentUserAccessLevel();

    //Check user access
    if($user == $STUDENT || $user == $LIBRARIAN)
    {
        header('Location: login.php?page=add-assignments&error=Insufficient privileges to access to the add assignments page&logout=1');
        exit();
    }

	masterpage("Add Assignments");

	
	
	echo '<form action="manage-assignments.php" method="post">';
	echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '"/>';
	echo '<input type="submit" value="&lt;&lt; Back to Manage Assignments" />';
	echo '</form>';
	
	
	
	if (isset($_POST['submitted']))
	{
		$link = connect_db();
		$query = "INSERT INTO `CourseWork` (CourseInstance, ItemName, ItemDescription, MaxPoints, Weight) VALUES ('$_POST[CourseInstance]', '$_POST[ItemName]', '$_POST[ItemDescription]', '$_POST[MaxPoints]', '$_POST[Weight]');";
		$result = mysql_query($query, $link);
		if ($result)
			echo "<br/><br/>Assignment added";
		else
			echo "<br/><br/>Assignment not added: " . mysql_error();
	}
	else
	{	
		echo "<form action='add-assignments.php' method='POST'>";
		echo '<input type="hidden" name="CourseInstance" value="' . $_POST['CourseInstance'] . '"/>';
		echo "	<p>Assignment Name:<br/><input type='text' name='ItemName'/></p>";
		echo "	<p>Description:<br/><textarea name='ItemDescription' rows='3' cols='70'></textarea></p>";
		echo "	<p>Max Points:<br/><input type='text' name='MaxPoints'/></p>";
		echo "	<p>Weight:<br/><input type='text' name='Weight'/></p>";
		echo "	<input type='submit' value='Add'><input type='hidden' value='1' name='submitted'/>";
		echo "</form>";
	}

	endmasterpage();
?>
